+

Cookies on the Business Insider India website

Business Insider India has updated its Privacy and Cookie policy. We use cookies to ensure that we give you the better experience on our website. If you continue without changing your settings, we\'ll assume that you are happy to receive all cookies on the Business Insider India website. However, you can change your cookie setting at any time by clicking on our Cookie Policy at any time. You can also see our Privacy Policy.

Close
HomeQuizzoneWhatsappShare Flash Reads
 

A controversy over Chrome's new login requirements forces Google to make changes

Sep 26, 2018, 10:26 IST

REUTERS/Stephen Lam

Advertisement
  • Google recently decided to log Chrome users in automatically, a move that some researchers said risked users privacy.
  • The search company was heavily criticized after a security researcher discovered the change and the fact that Google hadn't notified users about the switch.
  • On Tuesday, Google provided more ways that Chrome users can protect their privacy, including the ability to turn off the auto-login feature.

Google on Tuesday seemed to go out of its way to squash a controversy over recent changes to the popular Chrome browser.

On Sunday, Matthew Green, a security researcher and professor at Johns Hopkins, revealed that Google had quietly started automatically logging in Chrome users. Anytime someone signed on to one of Google's properties, such as Gmail or Google Drive, they would be automatically be logged into their Chrome accounts as well.

Green said that he and many others had chosen not to sign in as a added layer of protection from accidentally sharing their browser histories with Google.

Before the recent change, users had to take two steps in order to turn their browser data over to Google. They needed to sign in, and then agree to sync their info. If users were automatically signed in by Google, one of those steps disappeared.

Advertisement

Green also accused Google of making the new sync-consent page more confusing. He said this would make it much easier for users to mistakenly turn over their info. Green predicted that the change would result in a hit to Google's reputation.

'We want to be clearer about your sign-in state'

But managers at Chrome on Tuesday acknowledged the complaints. In response, the company said a forthcoming Chrome update, due next month, will add the option of turning off the links between Chrome's login with the login for Google's other properties.

Google will also update the user interface to make it more obvious whether a user is sharing data with the company. In a statement, Zach Koch, Chrome product manager, said, "We want to be clearer about your sign-in state and whether or not you're syncing data to our Google account."

Finally, Koch said that the company will change the way it manages authorization cookies.

"In the current version of Chrome," Koch said, "we keep the Google auth cookies to allow you to stay signed in after the cookies are cleared. We will change this behavior so all cookies are deleted, and you will be signed out."

Advertisement

Google says the reason it changed the login procedures was to "simplify the way Chrome handles sign-in."

Green expressed skepticism about Google's reasoning. The search giant has yet to explain why it made the change without notifying users in the first place.

NOW WATCH: How SpaceX, Blue Origin, and Virgin Galactic plan on taking you to space

You are subscribed to notifications!
Looks like you've blocked notifications!
Next Article